Your Ultimate Checklist for NERC CIP Audit

Written by danielmartin | Published 2021/04/27

TLDR The NERC has reliability standards that take care of the electricity distribution in Mexico, Canada, and the US. The minimum standards put in place by this nonprofit organization focus on making reliable, stable, efficient, and safe electricity distribution. The problem that many electricity distributors face is understanding these minimum requirements. This post will revisit the things you need to keep in mind as you prepare for a NERC CIP audit. The packaging of your evidence also determines how successful your NERC audit becomes. The best way to package your evidence is by classifying it according to requirements.

The weeks before a NERC CIP audit can generate plenty of anxiety in an organization. Auditors mostly do not, on purpose, spell out the ground rules in advance. That leaves you guessing what to do to get ready for the much-anticipated day and be successful.
Succeeding in a NERC CIP audit boils down to how prepared you are. Adequate planning helps control emotions, especially the anxiety that builds up during the days preceding the audit. This post will revisit the things you need to keep in mind as you prepare for a NERC CIP audit.
Here’s everything that you need to know.

Know the Requirements

As mentioned earlier, the NERC has reliability standards that take care of the electricity distribution in Mexico, Canada, and the US. The minimum standards put in place by this nonprofit organization focus on making electricity distribution in these areas reliable, stable, efficient, and safe.
The problem that many electricity distributors face is understanding these minimum requirements. Besides being numerous, most of the standards are complex and confusing.
Thus, organizations need to first understand the requirements before putting in the effort to comply.
The first thing that you must do is understand the language used in crafting the requirements.
Some terms require close interpretation and may require some technical knowledge. You also need to read through the requirements one by one to untangle what each of them means.

Understanding What Auditors Want to Know

Knowing what auditors are looking for when they come to your organization will help you prepare better. Even without going any deeper, you already know that auditors want to verify that you’re compliant. They want to see the documentation that shows you religiously follow the laid-down procedures.
Your Reliability Standard Audit Worksheets (RSAWs) will come in handy here. You also need to have evidence associated with every requirement that the organization has in place. Your RSAWs need to show the procedures you followed and verify that you followed them to the letter.

Examine Your Evidence

The evidence you submit to the auditors can help strengthen your case before them. It would be best if you analyzed your document spreadsheet to verify that you have sufficient evidence. Some of the evidence you have can come in the RSAWs, and you can present some additional evidence during the audit.
There are three main steps that you can follow when analyzing your evidence. The first thing to do is determine the procedures and processes that prove compliance in your documentation. The next thing you need is tangible evidence that shows you’re executing every step correctly.
The last step is going through every piece of evidence that you have collected. Check it to ensure that it is complete and sufficient to support your argument. Take action the moment you realize you’re missing a piece of evidence. Go back to the previous step to determine how you can collect and document it.

Package Your Evidence Correctly

The packaging of your evidence also determines how successful your NERC CIP audit becomes. The auditors need to find the evidence easily accessible and readable. Ensure that you package evidence in an appropriate format to make it easily accessible.
The best way to package your evidence is by classifying it according to requirements. Then create separate folders for every requirement to make it easier to find. You should also ensure that you keep copies of the same evidence you’ll present to auditors.
The common files also need a separate folder because they do not look good when combined with the rest of the evidence. Besides, that will save you the time spent copying such files. Another thing is to make the files searchable so that auditors find a specific piece that they’re looking for easily.
Any large files also need separate folders and summaries for smaller files to tidy your documents. The best thing about good packaging of evidence is that you get audited faster. You also need to submit it as soon as you’re done packaging to reduce site activity when RAs arrive at your company.

Practice the Audit

“Practice makes perfect” applies to everything that we do as individuals and companies. Preparing for an audit also requires proper practice to ensure you’re ready. To practice, you can hire a third party to evaluate your preparedness or do it internally if you have an audit team at your company.
It would be best if you had different teams handle the mock sessions. For instance, the team that collects and prepares the evidence shouldn’t be the same team that analyzes it. A fresh set of eyes for every step will help you understand your strengths and weaknesses better.
If hiring an external team, make sure that it’s a qualified one. The team needs to have the correct credentials and experience to participate in a company audit. In the end, you should determine whether your evidence is sufficient to prove compliance.

Showcase Your Work

Your success in an audit depends on how well you present your work. Remember, you have already put so much into getting your evidence together. So, it would be best if you didn’t lose it at the tail-end. Ensure that you show your strengths perfectly when RAs visit for a physical session at your organization.
Stick to the topic at hand and present what you have for the auditors confidently. As you’d expect, the auditor will have several questions for you. How you answer them will determine how successful you come out at the end of it.
In short, you should prove to the audit team that you have done your homework correctly. The team can read your preparedness and level of compliance once you start showcasing your work.

Help the Auditors Collect All the Details They Need

Another thing that you need to do is be polite to the auditor. Showing that you’re ready to assist them in their work will play a vital role in your success. As mentioned earlier, you should attend to every question and clear any doubts that the auditor may have.
Besides, you need to show patience through the process. The auditor needs to understand how your company operates and the environment in general. You will play a massive role in this process as you’re the one who knows your business in detail.
Being helpful in this process is vital for you during the audit. The more information the auditor can access, the fairer their assessment will be, and the more successful the audit. If other employees will take part, ensure that you train them on assisting the auditor through this process to improve your chances of success.

Conclusion

Proper generation and delivery of bulk electrical services aren’t easy. If left unregulated, many operators may be unreliable, with frequent outages affecting businesses becoming the order of the day. The best thing is that NERC is available to guide on compliance standards for customer protection.
The 1,900-plus electricity providers under the NERC are subject to the same standards and regular audits. As an organization, the NERC may regularly review how compliant you are with these standards. The tips mentioned above will help you prepare adequately to avoid various penalties and sanctions.

Written by danielmartin | Daniel Martin is Head of Customer Success in https://linkdoctor.io/ which is a link building agency.
Published by HackerNoon on 2021/04/27